# Copyright 2019 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# NOTE: This file is auto generated by the elixir code generator program.
# Do not edit this file manually.

defmodule GoogleApi.BinaryAuthorization.V1.Model.VulnerabilityCheck do
  @moduledoc """
  An image vulnerability check, which rejects images that violate the configured vulnerability rules.

  ## Attributes

  *   `allowedCves` (*type:* `list(String.t)`, *default:* `nil`) - Optional. A list of specific CVEs to ignore even if the vulnerability level violates `maximumUnfixableSeverity` or `maximumFixableSeverity`. CVEs are listed in the format of Container Analysis note id. For example: - CVE-2021-20305 - CVE-2020-10543 The CVEs are applicable regardless of note provider project, e.g., an entry of `CVE-2021-20305` will allow vulnerabilities with a note name of either `projects/goog-vulnz/notes/CVE-2021-20305` or `projects/CUSTOM-PROJECT/notes/CVE-2021-20305`.
  *   `blockedCves` (*type:* `list(String.t)`, *default:* `nil`) - Optional. A list of specific CVEs to always raise warnings about even if the vulnerability level meets `maximumUnfixableSeverity` or `maximumFixableSeverity`. CVEs are listed in the format of Container Analysis note id. For example: - CVE-2021-20305 - CVE-2020-10543 The CVEs are applicable regardless of note provider project, e.g., an entry of `CVE-2021-20305` will block vulnerabilities with a note name of either `projects/goog-vulnz/notes/CVE-2021-20305` or `projects/CUSTOM-PROJECT/notes/CVE-2021-20305`.
  *   `containerAnalysisVulnerabilityProjects` (*type:* `list(String.t)`, *default:* `nil`) - Optional. The projects where vulnerabilities are stored as Container Analysis Occurrences. Each project is expressed in the resource format of `projects/[PROJECT_ID]`, e.g., `projects/my-gcp-project`. An attempt will be made for each project to fetch vulnerabilities, and all valid vulnerabilities will be used to check against the vulnerability policy. If no valid scan is found in all projects configured here, an error will be returned for the check. Maximum number of `container_analysis_vulnerability_projects` allowed in each `VulnerabilityCheck` is 10.
  *   `maximumFixableSeverity` (*type:* `String.t`, *default:* `nil`) - Required. The threshold for severity for which a fix is currently available. This field is required and must be set.
  *   `maximumUnfixableSeverity` (*type:* `String.t`, *default:* `nil`) - Required. The threshold for severity for which a fix isn't currently available. This field is required and must be set.
  """

  use GoogleApi.Gax.ModelBase

  @type t :: %__MODULE__{
          :allowedCves => list(String.t()) | nil,
          :blockedCves => list(String.t()) | nil,
          :containerAnalysisVulnerabilityProjects => list(String.t()) | nil,
          :maximumFixableSeverity => String.t() | nil,
          :maximumUnfixableSeverity => String.t() | nil
        }

  field(:allowedCves, type: :list)
  field(:blockedCves, type: :list)
  field(:containerAnalysisVulnerabilityProjects, type: :list)
  field(:maximumFixableSeverity)
  field(:maximumUnfixableSeverity)
end

defimpl Poison.Decoder, for: GoogleApi.BinaryAuthorization.V1.Model.VulnerabilityCheck do
  def decode(value, options) do
    GoogleApi.BinaryAuthorization.V1.Model.VulnerabilityCheck.decode(value, options)
  end
end

defimpl Poison.Encoder, for: GoogleApi.BinaryAuthorization.V1.Model.VulnerabilityCheck do
  def encode(value, options) do
    GoogleApi.Gax.ModelBase.encode(value, options)
  end
end
